What is privacy?

‘Privacy’ is not defined in legislation, and providing a conclusive definition is difficult. Privacy relates to the principles of human dignity, human uniqueness, the importance of solitude, and has historically been described as ‘the right to be left alone.’[1]

Privacy encompasses several overlapping notions, including secrecy, confidentiality, solitude of the home, informational self-determination, freedom from surveillance, and the protection of an individual’s intimate relationships.[2]

Privacy has been recognised broadly as a human right in international instruments including the United Nations Declaration of Human Rights and the International Covenant on Civil and Political Rights. In Victoria, a right to privacy is included in the Victorian Charter of Human Rights and Responsibilities Act 2006.

Privacy of personal information has increasingly come into the spotlight internationally and in Australia. This is largely as a consequence of the exponential rise in sophistication of digital and other surveillance technologies, and the increasing ability for governments and organisations to collect and store detailed caches of personal information.

As a result, laws protecting information privacy have been enacted in numerous countries, including Australia. Many of these laws are based on guidelines developed by the Organisation for Economic Cooperation and Development (OECD) in 1980.

What is information privacy?

Australia’s legislative approach to privacy has centred one aspect of privacy – control of information about oneself – or what has become known as ‘information privacy’. Most states and territories, as well as the Commonwealth, have enacted information privacy laws.

Under the Act, “ ‘personal information’ means information or an opinion (including information or an opinion forming part of a database), that is recorded in any form and whether true or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion, but does not include information of a kind to which the Health Records Act 2001 applies.” [3]

Information privacy protections are embodied in ten Information Privacy Principles (IPPs) set out in Schedule 1 of the PDPA.

The IPPs govern the collection, use and handling of personal information by Victorian public sector organisations, local councils and contracted service providers.

The objects of the PDPA with respect to information privacy are to:

• balance the public interest in the free flow of information with the public interest in protecting the privacy of personal information in the public sector; and• promote awareness of responsible personal information handling practices in the public sector; and• promote the responsible and transparent handling of personal information in the public sector.[4]